Date: Mon, 14 Jun 2010 10:38:08 -0300 From: Mario Sergio Fujikawa Ferreira <lioux@FreeBSD.org> To: Ion-Mihai Tetcu <itetcu@FreeBSD.org> Cc: cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org, ports-committers@FreeBSD.org Subject: Re: cvs commit: ports/net-p2p/i2p Makefile distinfo Message-ID: <20100614103808.178226fplw933wzk@exxodus.dyndns.org> In-Reply-To: <20100613155227.06b69f26@it.buh.tecnik93.com> (sfid-20100613_10270_71C95937) References: <201006131150.o5DBohDo089108@repoman.freebsd.org> <20100613155227.06b69f26@it.buh.tecnik93.com> (sfid-20100613_10270_71C95937)
next in thread | previous in thread | raw e-mail | index | archive | help
Quoting Ion-Mihai Tetcu <itetcu@FreeBSD.org>: > On Sun, 13 Jun 2010 11:50:43 +0000 (UTC) > Mario Sergio Fujikawa Ferreira <lioux@FreeBSD.org> wrote: > >> lioux 2010-06-13 11:50:43 UTC >> >> FreeBSD ports repository >> >> Modified files: >> net-p2p/i2p Makefile distinfo >> Log: >> - Update i2p to 0.7.14 >> - Update jetty to 5.1.15 due to security issues > > What issues? is there an VuXMl entry? Or at least an external reference > (CVS, ...? Sorry, according to the I2P site, they're referring to the following CERT Vulnerability Note VU#402580: http://www.kb.cert.org/vuls/id/402580 Perhaps, we should add to VuXML that any version of the net-p2p/i2p prior to 0.7.14 is vulnerable due to that CERT. I've never added anything to VuXML before so I am not sure what is the proper procedure. Regards, -- Mario S F Ferreira - DF - Brazil - "I guess this is a signature." feature, n: a documented bug | bug, n: an undocumented feature
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100614103808.178226fplw933wzk>